Projects and e-book for our course, REST APIs with Flask and Python

The microblogging application developed in my Flask Mega-Tutorial series. This version maps to the 2024 Edition of the tutorial.

The most comprehensive database of Chinese poetry 🧶最全中华古诗词数据库, 唐宋两朝近一万四千古诗人, 接近5.5万首唐诗加26万宋诗. 两宋时期1564位词人，21050首词。

Pythonic HTML Parsing for Humans™

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.

This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.

An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

security tips for startups

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

A collected list of awesome security talks

An opinionated list of awesome Python frameworks, libraries, software and resources.

Automated Mass Exploiter

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by https://zapple.tech and https://automated-testing.info

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Security Tool to Look For Interesting Files in S3 Buckets

Weaponized web shell

Source code for Hacker101.com - a free online web and mobile security class.

Python AST-based static analyzer from OpenStack Security Group

😎 Awesome lists about all kinds of interesting topics

fsociety Hacking Tools Pack – A Penetration Testing Framework

WebGoat is a deliberately insecure application

Set up a modern web app by running one command.

The Browser Exploitation Framework Project

Automatic SQL injection and database takeover tool

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Knock Subdomain Scan